Nmap Development mailing list archives
Do I have any chance???Please advise...
From: Gulshan Kumar <gulshan.yaadav () gmail com>
Date: Mon, 28 Mar 2011 14:51:17 +0530
Hi, I am Gulshan (irc handle:-drake01).

I am a second year student pursuing Computer Science and Engineering from India. I know C, C++, python well. Learnt LUA as suggested by Nmap project ideas list. Have basic ideas about Computer Networks (how networks work and knows socket programming). Not tried to code anything for nmap by now. Currently trying to understand the code of NMAP source code and preparing project idea for nmap project.

I joined the mailing list a bit late, actually quite late (because of some unavoidable personal reasons). I wanted to know following things from all of you (especially administrators),

Q1-Where do I stand?? Am I too late for participating in GSOC2011 with nmap as mentor??

Q2-Am I following the right path (based on the steps which I am following, mentioned above)??

Please help me giving your valuable views about what changes should I make in my current routine and what should I focus more on while preparation. Criticism or suggestions are welcome!!!

On Mon, Mar 28, 2011 at 8:06 AM, <nmap-dev-request () insecure org> wrote:
Send nmap-dev mailing list submissions to
nmap-dev () insecure org

To subscribe or unsubscribe via the World Wide Web, visit
http://cgi.insecure.org/mailman/listinfo/nmap-dev
or, via email, send a message with subject or body 'help' to
nmap-dev-request () insecure org

You can reach the person managing the list at
nmap-dev-owner () insecure org

When replying, please edit your Subject line so it is more specific than "Re: Contents of nmap-dev digest..."

Today's Topics:

1. GSoC Candidate Intro and Project Discussion (Dautenhahn, Nathan Daniel)
2. Re: Question about GSoC Application (Toni Ruottu)
3. Re: nmap in GSoC - student idea (David Fifield)
4. Re: Duplicate hosts detection with ssh-hostkey (David Fifield)
5. Re: Idea for Nmap Gsoc 2011 (David Fifield)
6. Re: Ideas for NSE IPv6 (David Fifield)
7. Re: Greetings from Spain (Anubis LD)
8. Re: [GSOC] ncat gui idea (David Fifield)
9. GSoC URL (David Fifield)
10. Re: Possible bug report - nmap scan elapsed time changes into negative time (Daniel Miller)

----------------------------------------------------------------------

Message: 1
Date: Sun, 27 Mar 2011 16:46:14 -0500
From: "Dautenhahn, Nathan Daniel" <dautenh1 () illinois edu>
Subject: GSoC Candidate Intro and Project Discussion
To: "nmap-dev () insecure org" <nmap-dev () insecure org>
Message-ID: <20516802-3D44-42AE-A4C9-3BF7EC737714 () illinois edu>
Content-Type: text/plain; charset="us-ascii"

Hey All-

My name is Nathan Dautenhahn. I am a second year PhD student at the University of Illinois at Urbana-Champaign and am interested in working with the Nmap project for GSoC 2011. With this message I would like to get to know some of the devs, as well as outline my initial thoughts for the project.

I would like to participate in the enhancement of Nmap's IPv6 capabilities. As I'm a researcher, I'm inclined to tackle more complex problems such as OS detection. I have previous experience in using statistical packet analysis to perform classification of encrypted traffic.
At this point I still need to specify in greater detail my ideas and scope for the project, but figured it would be good to start here to make sure that I'm getting the right feedback throughout the process. I will say I don't know how current IPv4 host detection occurs, and assume that I should start there. The following lists an initial approach I would take in order to develop host detection:

* Review IPv4 host recognition techniques and other literature on the subject
* Review IPv6 RFC Specification
* It seems as though host detection is very specific to the OS and other implementation specific issues, and as such profiling the different systems seems like a good first step. I would manually review packet traces from each OS in order to find any unique state produced by the system.
* Review other state output visible to the network. This task would be focused on exposing any unexpected state that could be used for host detection.
* After manually analyzing these traces and other output from the hosts I would start to develop some type of classification of different types of data we find valuable in performing host recognition.
* Would need to analyze and define what type of pattern/classification technique we will use.
* The next thing would be to build some type of initial prototype and see how it does.
* Then make modifications and recurse over testing and modification until the application performs as desired.

Like I said this is a very raw initial approach. Please provide any feedback to point the project in a direction that would better serve Nmap.

I have a few questions:

* What is the potential for publication coming from this work? Would Nmap be okay if I attempted this, and would there be interest from Nmap to participate in this?
* Is this too advantageous of a project, or would I also need to add in some other work?
Additionally, the following link returns a 404 error:
http://socghop.appspot.com/gsoc/org/home/google/gsoc2011/nmap

As well as:
http://www.google-melange.com/gsoc/org/home/google/gsoc2011/nmap

These are the application and application template links.

Thanks,
::nathan::

------------------------------

Message: 2
Date: Mon, 28 Mar 2011 00:50:15 +0300
From: Toni Ruottu <toni.ruottu () iki fi>
Subject: Re: Question about GSoC Application
To: Nick Nikolaou <nikolasnikolaou1 () gmail com>
Cc: nmap-dev () insecure org
Message-ID: <AANLkTi=RoxOgfftBE1Kvest9kM2wZHhjoBJzU+eFkCMZ () mail gmail com>
Content-Type: text/plain; charset=ISO-8859-1

I think the idea was to pick scripts that the applicant considers important, and feels comfortable doing. It does not make sense to say "these are the top-3 scripts" and have everyone write them down in their applications. The scripts one wants to work on should match the skills one mentions in the application, and the applicant should be able to write down why he thinks those scripts are important to him, or to others.

Also I think the application does not need to be exactly what one is going to work on. It is supposed to describe understanding, suitability, and involvement. It is probably ok to do some adjustments to those plans during the summer. At least this is the impression I got from what was said earlier.

On Mon, Mar 28, 2011 at 12:12 AM, Nick Nikolaou <nikolasnikolaou1 () gmail com> wrote:

Hello everyone,

I was going through the application template and I was wondering to which extent does that project proposal question (expected timeline, milestones) apply to NSE script developers. From my point of view, the objective would be to research and implement as many useful scripts as time allows. Are there any scripts that you consider milestones and/or any specific deadline requirements?
Thanks,
Nick

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

------------------------------

Message: 3
Date: Sun, 27 Mar 2011 14:51:04 -0700
From: David Fifield <david () bamsoftware com>
Subject: Re: nmap in GSoC - student idea
To: Hiemanshu Sharma <hiemanshu () gmail com>
Cc: "nmap-dev () insecure org" <nmap-dev () insecure org>
Message-ID: <20110327215104.GU303 () gusto bamsoftware com>
Content-Type: text/plain; charset=us-ascii

On Fri, Mar 25, 2011 at 04:42:12PM +0530, Hiemanshu Sharma wrote:

1) Updating everything to current python and Qt (and also lay foundation for a python 3 port)

What do you mean by "current Python"? We use the most recent Python 2.6 and PyGTK as far as I know. We don't use Qt at all. If we move to Python3, we would abandon the Python 2 code completely (unless we can make the same code work on both)--we don't want to maintain two copies of the program.

I am planning to redesign it in PyQt because for one the libs in GNOME 3 are going to change, and you would have to maintain two copies for it if you want to support both (Qt works on all 3 OSes much better than GTK does and also supports mobile devices)

I can only speak for myself, but it's going to take some pretty compelling evidence to convince me that rewriting Zenmap with PyQt is a good idea. (In other words, it's not likely.) The other mentors probably feel the same way. Doing that job alone will probably take all summer, trading new compatibility problems and bugs for few benefits. I'm not trying to put your idea down, just trying to give you realistic expectations of how proposals will be evaluated.

It may seem contradictory for me to say this, but I wouldn't be opposed to Zenmap's GUI being rewritten completely, however it would have to proceed from someone with a clear, unified design that removes Zenmap's current UI infelicities.
It couldn't just be a straight port of the current UI.

David Fifield

------------------------------

Message: 4
Date: Sun, 27 Mar 2011 15:05:56 -0700
From: David Fifield <david () bamsoftware com>
Subject: Re: Duplicate hosts detection with ssh-hostkey
To: Henri Doreau <henri.doreau () greenbone net>
Cc: nmap-dev <nmap-dev () insecure org>
Message-ID: <20110327220555.GV303 () gusto bamsoftware com>
Content-Type: text/plain; charset=us-ascii

On Fri, Mar 25, 2011 at 07:15:12PM +0100, Henri Doreau wrote:

Hello, please find attached a patch for ssh-hostkey.nse. It adds a postrule to the script, that checks for IP addresses using the same hostkey(s) and report possible duplicate hosts.

Thanks, that's a good idea. I have committed it.

David Fifield

------------------------------

Message: 5
Date: Sun, 27 Mar 2011 15:20:34 -0700
From: David Fifield <david () bamsoftware com>
Subject: Re: Idea for Nmap Gsoc 2011
To: Anil Pradyumna Chakicherla <pradyumnanil89 () gmail com>
Cc: nmap-dev () insecure org
Message-ID: <20110327222033.GW303 () gusto bamsoftware com>
Content-Type: text/plain; charset=us-ascii

On Sat, Mar 26, 2011 at 12:46:39PM +0530, Anil Pradyumna Chakicherla wrote:

I would like to develop an addition to nmap by filtering the IP spoofing using the interdomain packet filtering using a C++ and I have already developed the skeleton on java so I can implement it onto the nmap circuit...

Hello Anil, thanks for writing. If you're interested in applying for the Summer of Code, please see these pages:

http://www.google-melange.com/gsoc/org/home/google/gsoc2011/nmap
http://nmap.org/soc/
http://nmap.org/soc/GeneralRequirements.html
http://nmap.org/soc/apply.html

We'll need more information to help you with your proposal--from what you wrote above I don't know what it is. Nmap isn't usually a filtering program--are you thinking of a firewall or IDS? Is your Java skeleton online somewhere where we can see it?
David Fifield

------------------------------

Message: 6
Date: Sun, 27 Mar 2011 15:25:14 -0700
From: David Fifield <david () bamsoftware com>
Subject: Re: Ideas for NSE IPv6
To: nmap-dev <nmap-dev () insecure org>
Message-ID: <20110327222514.GY303 () gusto bamsoftware com>
Content-Type: text/plain; charset=us-ascii

On Sun, Mar 27, 2011 at 10:46:17AM +0100, Djalal Harouni wrote:

I just got a link to this tool: http://www.thc.org/thc-ipv6/ by THC. To quote THC: "A complete tool set to attack the inherent protocol weaknesses of IPV6 and ICMP6 ..." [1], the tool is under GPL v3.

I have tried that toolset. The alive6 tool has good ideas for multicast host discovery. I put it with other ideas in my IPv6 notes:

svn cat svn://svn.insecure.org/nmap-exp/david/ipv6/notes.txt

David Fifield

------------------------------

Message: 7
Date: Mon, 28 Mar 2011 00:27:53 +0200
From: Anubis LD <livingdeaddivision () gmail com>
Subject: Re: Greetings from Spain
To: nmap-dev () insecure org
Message-ID: <AANLkTim6n=-caKfktJMWa1H00ALWEvcyb1O6OkY=f_M4 () mail gmail com>
Content-Type: text/plain; charset=ISO-8859-1

2011/3/27 David Fifield <david () bamsoftware com>

Hi Sergio, thanks for writing. My advice is to write an application and do the best you can at showing your skills. Even if you are not accepted, it is good practice, and if it is a serious proposal it's not a waste of the reviewers' time.

You can always try to gain a little experience by writing some small patch, or fixing a bug, or writing a new script. That's a good way to get involved with Nmap or another free software project.

David Fifield

Hi David, many thanks for your answer and advice.

Some days subscribed to the list and reading the work of the people has shown me that sure it's still soon for me.
I'm very unexperienced compared to the rest of the people that are writing for giving ideas, so I will take your advice, I will write the application to know how do it in a good way and I will try to get more involved to be ready, a little more experienced and with better ideas, for the next GsC.

Thanks again,

--
Sergio
<http://www.flickr.com/photos/livingdeaddivision/>

------------------------------

Message: 8
Date: Sun, 27 Mar 2011 15:44:29 -0700
From: David Fifield <david () bamsoftware com>
Subject: Re: [GSOC] ncat gui idea
To: Shinnok <admin () shinnok com>
Cc: nmap-dev () insecure org
Message-ID: <20110327224429.GZ303 () gusto bamsoftware com>
Content-Type: text/plain; charset=us-ascii

On Sun, Mar 27, 2011 at 01:45:33PM +0300, Shinnok wrote:

I would like to probe my idea for this GSOC iteration for nmap against the nmap-dev list. What I am thinking about is a GUI for Ncat, written in native C++ code and Qt. It doesn't interface with ncat currently, though it's enough for a gui idea poc. The interfacing with netcat I'm planning to do it via UNIX pipes, either manually using dupes or libc popen() on *NIX, and _popen() on Windows *.*. Another choice for interfacing against ncat would be to link against ncat's object files, though this effort would be more valuable in the case of Nmap (see below).

Hello Shinnok. Thanks for writing and for explaining your ideas in detail.

Will the GUI support some advanced uses that use features of the shell? To me, one of the best features of Netcat is that it behaves well as a shell program. For example, "Chain Ncats Together" from http://nmap.org/ncat/guide/ncat-tricks.html, and "Transfer a disk image with compression" from http://nmap.org/ncat/guide/ncat-file-transfer.html.

Another reason that I am sending this e-mail is to probe the nmap's team and community need for a new GUI for nmap. The ideas pointed in this e-mail for Ncat were originally devised by me for a brand new interface for Nmap that I would want and need.
While I do realize that Yet Another Gui (YAG) for Nmap would create fragmentation, it's the kind of fragmentation that keeps open source *secure* and diverse. Thus, what do you think about the same ideas written above, but applied for Nmap (add the mobile and embedded advantages of Qt on top)?

A Summer of Code project to make a new GUI is very unlikely. I think people underestimate the amount of effort that goes into it.

David Fifield

------------------------------

Message: 9
Date: Sun, 27 Mar 2011 16:55:58 -0700
From: David Fifield <david () bamsoftware com>
Subject: GSoC URL
To: "Dautenhahn, Nathan Daniel" <dautenh1 () illinois edu>
Cc: "nmap-dev () insecure org" <nmap-dev () insecure org>
Message-ID: <20110327235558.GA303 () gusto bamsoftware com>
Content-Type: text/plain; charset=us-ascii

On Sun, Mar 27, 2011 at 04:46:14PM -0500, Dautenhahn, Nathan Daniel wrote:

Additionally, the following link returns a 404 error:
http://socghop.appspot.com/gsoc/org/home/google/gsoc2011/nmap

As well as:
http://www.google-melange.com/gsoc/org/home/google/gsoc2011/nmap

These are the application and application template links.

Thanks for letting us know about that. Hopefully it is only temporary; the Summer of Code infrastructure software (called Melange) was just upgraded this weekend. This URL seems to be working:

http://www.google-melange.com/gsoc/org/google/gsoc2011/nmap

Unfortunately it's not showing the application template at the moment. I'll check on it again tomorrow.
David Fifield

------------------------------

Message: 10
Date: Sun, 27 Mar 2011 21:36:18 -0500
From: Daniel Miller <bonsaiviking () gmail com>
Subject: Re: Possible bug report - nmap scan elapsed time changes into negative time
To: nmap-dev () insecure org
Message-ID: <AANLkTimYuzqxD9sVifvwo-gLEYJ_Yjs+NCeFaoU6nzYv () mail gmail com>
Content-Type: text/plain; charset="iso-8859-1"

On 3/27/11, David Fifield <david () bamsoftware com> wrote:

On Fri, Mar 25, 2011 at 09:01:47AM -0500, Daniel Miller wrote:

I looked into this some more. The particular function that affects that output line is NmapOps::TimeSinceStartMS, which returns an int generated with the TIMEVAL_MSEC_SUBTRACT macro #defined in nbase/nbase.h:

#define TIMEVAL_MSEC_SUBTRACT(a,b) ((((a).tv_sec - (b).tv_sec) * 1000) + ((a).tv_usec - (b).tv_usec) / 1000)

The overflow happens when the difference in seconds is multiplied by 1000. Interestingly, the TIMEVAL_SEC_SUBTRACT macro:

#define TIMEVAL_SEC_SUBTRACT(a,b) ((a).tv_sec - (b).tv_sec + (((a).tv_usec < (b).tv_usec) ? - 1 : 0))

returns seconds, and does not suffer from this overflow.

A quick grep through the source for calls to TimeSinceStartMS:

$ find . \( -name .svn -prune -false \) -o -print0 | xargs -0 grep -H --color TimeSinceStartMS

shows that in only one case is the return value NOT divided by 1000.0 (which casts it to a float). The one case is an assignment to the starttimems attribute of the OsScanInfo class, which is only used one place (divided by 1000.0).

I'm attaching a patch that adds a function, NmapOps::TimeSinceStartS, which returns a float. It does this using a new macro, TIMEVAL_FSEC_SUBTRACT, that results in a floating-point difference in seconds, which is the most common case. After converting all the calls to use this function, I can no longer find any calls to TimeSinceStartMS, but I left it in anyway.

I tested this patch with a -A -T5 -vv -dd scan of my /24 subnet, and saw no issues.

Thanks Daniel, this is a good idea.
Make a few changes and I'll commit it:

Rename TimeSinceStartS to TimeSinceStart.
Rename starttimes to starttime.
Remove TimeSinceStartMS.

David Fifield

I made the changes you suggested, and attached the patch.

Dan

-------------- next part --------------
A non-text attachment was scrubbed...
Name: floattime.diff
Type: text/x-diff
Size: 7454 bytes
Desc: not available
URL: <http://cgi.insecure.org/mailman/private/nmap-dev/attachments/20110327/f637dc6d/attachment.bin>

------------------------------

_______________________________________________
nmap-dev mailing list
nmap-dev () insecure org
http://cgi.insecure.org/mailman/listinfo/nmap-dev

End of nmap-dev Digest, Vol 72, Issue 72
****************************************
--
Gulshan Kumar.
2nd Year, B.Tech
Computer Science and Engineering
NIT Trichy.

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
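
The millisecond overflow described in Message 10 of the quoted digest, modelled in C as an added example; it is not code from Nmap or from the floattime.diff patch, which is not shown on this page. It assumes 32-bit tv_sec, tv_usec and int; struct tv32, max_safe_seconds, msec_subtract_int32 and fsec_subtract are hypothetical names, and fsec_subtract is only an assumed form of a floating-point seconds difference, not the definition of TIMEVAL_FSEC_SUBTRACT.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-in for struct timeval with 32-bit fields (assumption). */
struct tv32 { int32_t tv_sec; int32_t tv_usec; };

/* Largest whole-second difference whose millisecond value still fits in a
   32-bit int: 2147483 s, a little under 25 days. */
int32_t max_safe_seconds(void) { return INT32_MAX / 1000; }

/* Value a 32-bit int receives from the TIMEVAL_MSEC_SUBTRACT expression.
   The exact result is computed in 64 bits and then reduced modulo 2^32,
   so the wraparound is shown without relying on undefined behaviour. */
int32_t msec_subtract_int32(struct tv32 a, struct tv32 b)
{
    int64_t exact = ((int64_t)a.tv_sec - b.tv_sec) * 1000
                  + ((int64_t)a.tv_usec - b.tv_usec) / 1000;
    uint32_t low = (uint32_t)exact;      /* conversion is modulo 2^32 */

    if (low <= (uint32_t)INT32_MAX)
        return (int32_t)low;
    return (int32_t)(low - 0x80000000u) + INT32_MIN;
}

/* Hypothetical floating-point difference in seconds: nothing is multiplied
   by 1000, so the integer range is never exceeded. */
double fsec_subtract(struct tv32 a, struct tv32 b)
{
    return ((double)a.tv_sec - b.tv_sec)
         + ((double)a.tv_usec - b.tv_usec) / 1e6;
}

int main(void)
{
    /* Constructed timestamps: a short run and one just past the limit. */
    struct tv32 start = { 1301000000, 500000 };
    struct tv32 brief = { 1301000090, 750000 };
    struct tv32 late  = { 1303147484, 250000 };

    printf("limit: %ld s\n", (long)max_safe_seconds());
    printf("brief: %ld ms, %.2f s\n",
           (long)msec_subtract_int32(brief, start), fsec_subtract(brief, start));
    printf("late:  %ld ms, %.2f s\n",
           (long)msec_subtract_int32(late, start), fsec_subtract(late, start));
    return 0;
}
```

The short interval agrees in both forms; once the difference passes max_safe_seconds() the 32-bit millisecond value turns negative while the floating-point seconds value stays correct.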
Current thread:
- Do I have any chance???Please advise... Gulshan Kumar (Mar 28)
- Re: Do I have any chance???Please advise... David Fifield (Mar 28)